48 matches found
CVE-2026-52715
Unauthenticated SQL Injection in GEO my WordPress = 4.5.5 versions...
CVE-2026-52715 WordPress GEO my WordPress plugin <= 4.5.5 - SQL Injection vulnerability
Unauthenticated SQL Injection in GEO my WordPress = 4.5.5 versions...
CVE-2026-52715
GEO my WordPress plugin (WordPress)
EUVD-2026-37051
Unauthenticated SQL Injection in GEO my WordPress = 4.5.5 versions...
EUVD-2024-29919
Malicious code in bioql PyPI...
EUVD-2024-52449
Malicious code in bioql PyPI...
EUVD-2024-42363
Malicious code in bioql PyPI...
EUVD-2023-56808
Malicious code in bioql PyPI...
CVE-2024-32097
Cross-Site Request Forgery CSRF vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress: from n/a through 4.1...
CVE-2024-54326
Missing Authorization vulnerability in Eyal Fitoussi GEO my WordPress geo-my-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GEO my WordPress: from n/a through = 4.5.0.4...
CVE-2023-52134
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress: from n/a through 4.0.2...
CVE-2023-5467
The GEO my WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
CVE-2024-47327
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eyal Fitoussi GEO my WordPress geo-my-wp allows Reflected XSS.This issue affects GEO my WordPress: from n/a through = 4.5.0.3...
CVE-2024-54326
Missing Authorization vulnerability in Eyal Fitoussi GEO my WordPress geo-my-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GEO my WordPress: from n/a through = 4.5.0.4...
CVE-2024-54326
CVE-2024-54326 is a Missing Authorization vulnerability in GEO my WP for WordPress. Public details in the RH advisory indicate the flaw arises from incorrect access control in GEO my WP, affecting GEO my WP versions up to 4.5.0.4. The CVE entry notes an impact by allowing unauthorized access due ...
PT-2024-36209 · WordPress · Geo My Wordpress
Name of the Vulnerable Software and Affected Versions: GEO my WordPress versions n/a through 4.5.0.4 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can lead to unauthorized access due ...
WordPress GEO My WordPress plugin < 4.5 - Admin+ Arbitrary File Upload vulnerability
Admin+ Arbitrary File Upload vulnerability discovered by Michael Dyrna in WordPress Plugin GEO my WordPress versions 4.5...
WordPress GEO my WordPress Plugin < 4.5 is vulnerable to Arbitrary File Upload
Software GEO my WordPress Type Plugin Vulnerable versions 4.5 Fixed in 4.5 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-9422 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID d3c56af69a13 Credits Michael Dyrna Required privilege Administrator...
CVE-2024-47327
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eyal Fitoussi GEO my WordPress geo-my-wp allows Reflected XSS.This issue affects GEO my WordPress: from n/a through = 4.5.0.3...
CVE-2024-47327
CVE-2024-47327 is a reflected XSS in the GEO my WordPress plugin up to version 4.5.0.3 (unauthenticated). Public doc confirms impact is Reflected XSS and that a fix exists in 4.5.0.4. Recommendation: upgrade GEO my WP to 4.5.0.4 or later to remediate; no exploitation details are provided in the i...